Jamf Nation Community

loceee · ‎10-12-2014

This little guy helps you enable FV2. In our workflow, we have laptops with mobile network accounts. We don't want the initial FV provision to be done on the local admin / management account (for obvious reasons).

FVHelper will check and skip account names that match the skipaccounts array ...
it will then prompt users to enable FV ...
it calls the jamf policy (with attached FV config so FV is enabled and key escrow is handled by jamf) ...
then force them to logout, so they can enter their passwords and start the encryption process ...

You can run it on the login trigger and / or via Self Service.

https://github.com/loceee/OSXCasperScripts/tree/master/FVHelper

loceee · ‎10-12-2014

qsodji · ‎10-13-2014

Awesome!

btaniyama · ‎10-14-2014

Love this! Been looking for a less invasive way for current users to be able to FV without having them stop what they're doing.

Any plans to implement a defer timer, a la Patchoo, where users can no longer defer?

loceee · ‎10-14-2014

Hey yeah, there are few things I'd like to add to it. It's quick and dirty to get the job done right now. More robust and error checking. Feature wise:

- Defer counter.
- Add additional FV users

Any other ideas that people come up with that might be useful. Thanks for the feedback and glad it's helping a few people out. Making our FV deployment much less painful!

loceee · ‎10-21-2014

Latest commit
-defermode (5 defers by default) !
-localise your prompts
-remove checking for receipt and check fv status with fdesetup

Get it while it's hot!

loceee · ‎11-04-2014

A new commit to fix osascript display from root. Weird it didn't affect any of my test vms, or all of my clients.
This work better.

https://github.com/loceee/OSXCasperScripts/tree/master/FVHelper

Jamf Nation Community

FileVault helper script